← voltar
CVE-2020-7523

CVE-2020-7523

EPSS 0.2%CWE-269
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
31 ago 2020Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Improper Privilege Management vulnerability exists in Schneider Electric Modbus Serial Driver (see security notification for versions) which could cause local privilege escalation when the Modbus Serial Driver service is invoked. The driver does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.